User Tools

Site Tools

Install and configure Ansible automation tool on one of the servers
After installation of Ansible, write and execute Ansible playbook that performs the following on all servers:
Reconfigures DNS server from current to 8.8.8.8
Install and start the latest version of Docker CE as well as it's dependencies
Add systemd.timer configuration to run shell command "docker system prune -af" as root every day at 11:00 UTC+0
Create Docker Swarm cluster between all 3 nodes.
Launch Docker container in swarm mode on all 3 nodes that runs Nginx service and listens on port 8080.
Some theoretical questions that you should think about and provide your thoughts:
What is the purpose of "docker system prune -af" systemd timer in this context and do you think this is needed? Why?
What is the difference, if any, of using systemd timer versus cron?
For what purposes this setup can be used and how would you improve it?

What is the purpose of "docker system prune -af" systemd timer in this context and do you think this is needed? Why?

To always get the latest images(though I imagine there's a docker command for this that'd be a better solution for that).

It can also help if the images are somehow broken (crash or hard reboot damaged some files) by simply redownloading them periodically.

Though in this context it would fit to cleanup test dev images daily.

What is the difference, if any, of using systemd timer versus cron?

Harder to debug and test cron jobs vs systemd units, it's not possible to just 'systemctl start test.service' a cron job, you need to temporarily rewrite the execution to '* * * * *' or similar, and that's just not elegant or convenient.

Cron has simplicity going for it though, as you can't just create a script that launches on a timer in one line with systemd units.

For what purposes this setup can be used and how would you improve it?

Since the server prunes all docker images daily, I imagine this would server as a development server(cluster) where devs could create and test their images which would automatically get cleaned up daily.

Ansible could work with private IPv4 addresses instead of public ones since it's on LAN. I just used the public IPv4 for simplicity.